The Hidden Lynx group is a professional team of attackers with advanced capabilities. They were responsible for the compromise of security firm Bit9's digital code-signing certificate which was used to sign malware. The Bit9 breach was part of the much larger VOHO campaign and that campaign was just one of many operations undertaken by the group over the last four years.

This paper takes an in-depth look at the Hidden Lynx group, their targets and their motivations. It will look into their capabilities and attack strategies through their attack campaigns including the Bit9 incident.